Today, there is increasing use of “smart cards” in place of, or in addition to, conventional magnetic stripe cards. A “smart card” is a thin card about the size of a credit card, with a built-in processor that enables the card to create data in response to external stimuli. The processor is a single-wafer integrated circuit (IC) which is mounted on an otherwise plastic card. For this reason, smart cards are often referred to as one class of “integrated circuit cards” or “IC cards”.
As smart card technology becomes more pervasive, it paves the way for conducting a variety of new transactions, such as electronic money, which are not available with conventional mag-stripe cards. Smart cards also open up the arena for conducting certain new “offline” transactions, which do not involve validating a card with a central authority. These offline electronic transactions are typically performed without the human intervention, such as from a sales clerk.
Smart cards are equipped with authentication capabilities used to establish the identity of an entity with which it is communicating. An identity can be an individual human being, a business, a piece of computing hardware, software code, a network node, an organizational role, or an accreditation agent. Smart cards also have authorization capabilities to control access to resources stored on the cards or elsewhere.
Smart cards typically store data as exact or specific values. For example, the age of a user is stored as a number of years, the salary of a user is stored as a dollar value, and credit of a user is stored as loyalty point precise counts. For many computations that are performed by identities outside of the smart card, these exact values are not necessary. Yet, because this is the only data that the smart card stores, it must be provided to the requesting identity. For example, to sell cigarettes to a cardholder, a merchant need only know that the cardholder is over 18 years of age. It is unnecessary for the merchant to know the exact age of the cardholder. In many instances where specific data values are not explicitly required by an identity, rendering such specific values can be undesirable. For example, an individual may wish to protect aspects of their privacy. Yet, having to provide specific data values to some requesting identities unnecessarily compromises their privacy. On the other side of the equation, requesting identities may not want to take possession of specific data values if they do not need them for their purposes. Possessing more information than is necessary could create liability for a particular identity. For example, an identity may require certain salary information for purposes of computing cardholder benefits. The benefits might be correlated with a variety of salary ranges rather than specific salary values. If a cardholder is only able to provide their specific salary value to a requesting identity, then the identity must, necessarily, come into possession of it in order to compute the benefits. Once in possession of the specific salary value, it becomes subject to compromise which, in turn, could create liability for the identity.
Accordingly, it would be desirable to provide a way of masking or modulating data relative to particular identities in accordance with the identities' data needs.